On today's episode of The Restaurant Realty in 10 host, Michael Carro, is joined by Greg Litton of Everest Payment Solutions. Greg explains how credit card PCI compliance works for restaurants and steps you can take to remain compliant and avoid hefty fees.
"Accepting credit cards is now a necessary evil for restaurants, but you can mitigate your compliance fees."
Key Take Aways:
PCI stands for Payment Card Industry and is the “sheriff” for businesses that accept credit card payments.
PCI Compliance is making sure that you are up to date and up to speed with what PCI says the new standards are.
Mitigate your non-compliance fees by being aware of required changes and updating your system prior to the deadline
Ensure you are completing the new annual PCI compliance quiz to avoid unnecessary charges from your credit card service provider.
On today's episode of The Restaurant Realty in 10 host, Michael Carro, is joined by Greg Litton of Everest Payment Solutions. Greg explains how credit card PCI compliance works for restaurants and steps you can take to remain compliant and avoid hefty fees.
"Accepting credit cards is now a necessary evil for restaurants, but you can mitigate your compliance fees."
Key Take Aways:
PCI stands for Payment Card Industry and is the “sheriff” for businesses that accept credit card payments.
PCI Compliance is making sure that you are up to date and up to speed with what PCI says the new standards are.
Mitigate your non-compliance fees by being aware of required changes and updating your system prior to the deadline
Ensure you are completing the new annual PCI compliance quiz to avoid unnecessary charges from your credit card service provider.
Subscribe to get new episodes that provide uncensored straight talk geared to answer your restaurant and restaurant real estate questions.
Michael Carro :
Welcome to The Restaurant Realty in 10. Ten minutes of uncensored straight talk for restaurant entrepreneurs. Twice weekly The Restaurant Realty in 10 dives into restaurant operations, facilities, real estate and investments.
Michael Carro :
Welcome to this episode of The Restaurant Realty in 10. This is your host Michael Carro. And today I'm joined by Greg Litton, with Everest payment solutions, and really wanted to dive into credit card liability. There's so much about PCI compliance. I don't have a clue what all that means. I just know that you need to stay out of trouble. So Greg, welcome back to the program.
Greg Litton :
Thank you, Michael.
Michael Carro :
So what is PCI compliance and why should we care
Greg Litton :
PCI compliance? Well, first PCI stands for payment card industry and in credit card processing. They are the sheriff. They're the big dog when they tell restaurants, retailers, anybody that accepts a credit card to jump the only thing you can do is ask them how high. So PCI compliance is every year with all the new fraud, all the theft, The industry has to get more and more complex to fight that. And so PCI controls the standards that are used to protect both sides, the consumer and the business owner. And compliance is making sure that you are up to date and up to speed with what PCI says the new standards are.
Michael Carro :
So a couple years ago, the new standard of chips inside your card would that have been a PCI compliant action?
Greg Litton :
Yes. And when they started come out with the chip cards, PCI says to the merchants, they never say like, Look, next week, you got to do something they always give you, you know quite a ways with that. I think they gave the year and a half, but they gave a year and a half. Notice that by this date. If your business isn't able to handle the chip cards, you're in non compliance. And what that basically means is you can keep doing business as you are.
Michael Carro :
You're just vulnerable.
Greg Litton :
And if you have an issue and you knew you were out of compliance, that's when the non compliance fines and the penalties start.
Michael Carro :
and those fines my understanding is they can go from $5,000 to $100,000 per month for penalties and fines for non compliant actions by those taking credit cards.
Greg Litton :
Exactly. And I'd like to be able to give you exact numbers, but I really can't because PCI handles it. And how they levy these fines out. My guess educated guess, of course, is the severity has something to do with obviously the amount of money or the amount of breaches that happened, how many cards were affected, probably also with the negligence of the business, but it's very heavy. And when you get into that situation, it's not "Okay. Get up to compliance. And these fines go away."
Michael Carro :
Here. I can tell you what happened with a lot of restaurants right after the date of compliance passed for the chips. So a lot of consumers are savvy and smart. They knew that if they had the chip, and they swipe the card and they challenged, they would get their money back.
Greg Litton :
They won automatically.
Michael Carro :
They won automatically and that we all can agree that's crap, but that was the rule. So there was people going out swipe swipe swipe swipe swipe challenge challenge challenge and they got to check back and then they retailer in restaurants are like what what are you talking about? There's the signature. I even have that guy on videotape. Doesn't matter. That's what you're referring to.
Greg Litton :
Exactly. And one of my customers won't give the name but a high-end restaurant here in town, had a big one. They had a big catering and that's exactly what happened and cost them I think well into the thousands and it is it's bogus. But the other side of that is when you don't comply with it and you get fined. You either pay that fine or you don't accept credit card.
Michael Carro :
You lose the privilege of collecting credit card payments.
Greg Litton :
and we all know, and you especially, being in the restaurant world, if you don't accept credit cards you almost cannot survive.
Michael Carro :
Not almost anymore. You know it used to be there was a day way back when were credit cards were convenient. They're not convenient anymore. They are a must if you want to be in business,
Greg Litton :
But the other flip side of that: restaurant bars if you are thinking or even would want to not accept them, you're really crazy. Because back when there were a bunch of restaurant bars not accepting credit cards, the average increase in volume when you started to take a credit card, I mean this these are factual numbers, it was over 25% increase in volume. Because when somebody comes to a restaurant and bar and all they can spend is the cash they have in their pocket. And people think "Well I'll just put in an ATM." Well, an ATM still only, you're still only getting what they're willing to take out, see, and give away. When they can use a credit card.
Michael Carro :
It needs to be like a poker room or a casino. Chips spend so much faster than cash.
Greg Litton :
Exactly. Why do you think when you go on a cruise, they don't take cash. They give you a little card that just charges everything...
Michael Carro :
And at the end of that cheap cruise. You're like, "Ah, what the heck just happened?"
Greg Litton :
Yeah, they slip
Michael Carro :
but we actually drank that much.
Greg Litton :
They slip What? Well, it's not a little they probably have to do page by page under your door to look at the list of all you've spent. And so taking credit cards is a necessary evil in the restaurant world. But if you do, mitigate your fees and stay up to date with compliance, PCI even started an annual compliance thing, and I really don't like it. I hate it for all the owners. Make sure you're not paying too much for that annually because a lot of credit card businesses, let's just say gouge their customers on that they blame PCI PCI about five years ago, they came up with an annual compliance where you have to take a quiz basically, most people don't even do it, then they still get charged the annual fee, which should be if you're paying more than about $75 a year you need to get that looked at for the annual fee. But if you don't take that quiz, your processor adds another $20 a month as a non compliance fee. It doesn't really cost you anything or help you if you have a breach or it's really a useless thing. I asked when we had the big conference call years ago I asked PCI, "Well, What's it for? Then you send them a little certificate." They said, "Well, if you take the quiz, it's supposed to send up red flags."
Michael Carro :
Raise your IQ in the PCI compliance.
Greg Litton :
Yes. But none of the owners understand the questions they go through as quick as they can, but you need to go through it to eliminate those fees.
Michael Carro :
Well, thank you very much. That's Greg Linton with Everest Payment Solutions. And that's this episode of The Restaurant Realty in 10. Thank you for listening to The Restaurant Realty in 10. If you're interested in restaurants, whether operations, facilities, buying, leasing, or investment The Restaurant Realty in 10 is for you. Please subscribe to this podcast and you can also visit TheRestaurantRealty.com for show notes, topics, and additional information.